Important: This documentation is about an older version. It's relevant only to the release noted, many of the features and functions have been updated or replaced. Please view the current version.

Documentationbreadcrumb arrow Grafana Pyroscopebreadcrumb arrow Release notesbreadcrumb arrow V1.18
Open source

Version 1.18.1 release notes

Maintenance release to update Go version and address security vulnerability.

Changes

  • Update golang version to 1.24.13 (#4830)

Version 1.18.0 release notes

The Pyroscope team is excited to present Grafana Pyroscope 1.18.0

This release contains enhancements, fixes, improves stability & performance.

Notable changes are listed below. For more details, check out the 1.18.0 changelog.

Enhancements

  • The source code integration now supports Python (#4726, #4732, #4730)
  • Implement comprehensive profile size limits across ingestion endpoints (#4734)
  • Update golang version to 1.24.12 (#4760)
  • Set a maximum ingestion body size by default (#4761)
  • Update OpenTelemetry dependencies, proto=v1.9.0 profiles=v0.2.0 (#4731)
  • Enforce maxNodes optionally on SelectMergeProfile through limits in v2 (#4723)
  • Add benchmarks for timeseries query performance with exemplars (#4665)

Fixes

  • Fix exemplar value calculation for split profiles (#4753)
  • Relative matching for source code mapping (#4754)
  • VCS Service: Failed file lookup should be 404 instead of 500 (#4759)
  • Remove unintended double base64 encoding in vcs service (#4703)
  • Frontend: Bump qs to address CVE-2025-15284 (#4724)
  • Frontend: Bump sweetalert2 to address GHSA-457r-cqc8-9vj9, GHSA-8jh9-wqpf-q52c and GHSA-pg98-6v7f-2xfv (#4727)
  • Frontend: Bump @remix-run/router and react-router to address CVE-2026-22029 and CVE-2025-68470 (#4763)

Documentation

  • Rename GitHub integration to source code integration (#4755)
  • Update source code integration docs to include Java and Python support (#4651)
  • Fix inline link in eBPF docs (#4733)